Merged revisions 66262 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk ........ r66262 | benjamin.peterson | 2008-09-06 14:28:11 -0500 (Sat, 06 Sep 2008) | 4 lines #1638033: add support for httponly on Cookie.Morsel Reviewer: Benjamin ........
This commit is contained in:
Benjamin Peterson
parent
ae55dc0da4
commit
35e661c711
|
|
@ -109,7 +109,7 @@ Morsel Objects
|
|||
--------------
|
||||
|
||||
|
||||
.. class:: Morsel()
|
||||
.. class:: Morsel
|
||||
|
||||
Abstract a key/value pair, which has some :rfc:`2109` attributes.
|
||||
|
||||
|
|
@ -123,9 +123,17 @@ Morsel Objects
|
|||
* ``max-age``
|
||||
* ``secure``
|
||||
* ``version``
|
||||
* ``httponly``
|
||||
|
||||
The attribute :attr:`httponly` specifies that the cookie is only transfered
|
||||
in HTTP requests, and is not accessible through JavaScript. This is intended
|
||||
to mitigate some forms of cross-site scripting.
|
||||
|
||||
The keys are case-insensitive.
|
||||
|
||||
.. versionadded:: 2.6
|
||||
The :attr:`httponly` attribute was added.
|
||||
|
||||
|
||||
.. attribute:: Morsel.value
|
||||
|
||||
|
|
|
|||
|
|
@ -325,6 +325,9 @@ class Morsel(dict):
|
|||
# For historical reasons, these attributes are also reserved:
|
||||
# expires
|
||||
#
|
||||
# This is an extension from Microsoft:
|
||||
# httponly
|
||||
#
|
||||
# This dictionary provides a mapping from the lowercase
|
||||
# variant on the left to the appropriate traditional
|
||||
# formatting on the right.
|
||||
|
|
@ -334,6 +337,7 @@ class Morsel(dict):
|
|||
"domain" : "Domain",
|
||||
"max-age" : "Max-Age",
|
||||
"secure" : "secure",
|
||||
"httponly" : "httponly",
|
||||
"version" : "Version",
|
||||
}
|
||||
|
||||
|
|
@ -413,6 +417,8 @@ class Morsel(dict):
|
|||
RA("%s=%d" % (self._reserved[K], V))
|
||||
elif K == "secure":
|
||||
RA(str(self._reserved[K]))
|
||||
elif K == "httponly":
|
||||
RA(str(self._reserved[K]))
|
||||
else:
|
||||
RA("%s=%s" % (self._reserved[K], V))
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue